Beware LeakerLocker: Ransomware That Locks Your Mobile

Philip Bates 19-07-2017

Fresh on the heels of the malware best known as WannaCry The Global Ransomware Attack and How to Protect Your Data A massive cyberattack has struck computers around the globe. Have you been affected by the highly virulent self-replicating ransomware? If not, how can you protect your data without paying the ransom? Read More , new ransomware threatens to lock your device and send private information to your family and friends.


It’s as if you can’t go a month without a new strain of malware Viruses, Spyware, Malware, etc. Explained: Understanding Online Threats When you start to think about all the things that could go wrong when browsing the Internet, the web starts to look like a pretty scary place. Read More hitting the headlines. Admittedly, while relatively few are actually victims, it’s a catch-22: fear of ransomware is why it’s always big news, but media attention only heightens this.

Nonetheless, this is a particularly nasty threat that you need to know about right now.

What Is LeakerLocker?

You’ll likely be pretty familiar with ransomware A History of Ransomware: Where It Started & Where It's Going Ransomware dates from the mid-2000s and like many computer security threats, originated from Russia and eastern Europe before evolving to become an increasingly potent threat. But what does the future hold for ransomware? Read More : it’s malicious software that encrypts all your data and only allows you access if you pay a ransom Don't Pay Up - How To Beat Ransomware! Just imagine if someone showed up on your doorstep and said, "Hey, there's mice in your house that you didn't know about. Give us $100 and we'll get rid of them." This is the Ransomware... Read More . Except a lot of cybercriminals won’t even unencrypt your files, instead demanding more money.

LeakerLocker is slightly different, in that it locks your home screen but doesn’t encrypt everything you’ve got on your device. It’s still ransomware, however, because it warns that it’s gathering your browser data, text messages, call history, location information, emails, social media messages, and photos. It states that, without paying up, it will leak all this private data to your contacts.

If ransomware is defined by its ability to take dominance over a large proportion of your life and blackmail you to get it back, LeakerLocker fills these criteria perfectly.


Beware LeakerLocker: Ransomware That Locks Your Mobile 23822510 0431bea68a b
Image Credit: Dan Phiffer via Flickr.

It’s actually ingenious. The fee asked isn’t as substantial as most ransomware. It’s $50. That’s a fair amount, but not enough to price itself out of the market. People will be distraught, but will also figure, it’s “only” $50.

The ransom has to be paid via credit card, and within 72 hours. If the payment is successful, victims are told that their personal information is safe; if not, it informs you that “Your privacy is in danger.”

It’s worth noting that, should payment be successful 5 Reasons Why You Shouldn't Pay Ransomware Scammers Ransomware is scary and you don't want to get hit by it -- but even if you do, there are compelling reasons why you should NOT pay said ransom! Read More , you’ve proved to scammers that you’re willing to pay. It assures you that the danger is over. But that doesn’t mean you won’t be held to ransom in the same way again.


How Does It Infect Devices?

Security firm, McAfee discovered the malware in two apps via the Google Play store. It runs on Android phones as Android/Ransom.LeakerLocker.A!Pkg. The malicious apps are “Wallpapers Blur HD”, downloaded between 5,000 and 10,000 times, and “Booster & Cleaner Pro”, downloaded up to 5,000 times.

The former appears to be a pretty standard service that offers a number of wallpapers How to Make Your Own Custom Wallpaper for Android Your wallpaper is the face of your phone, so it better be good. Read More for your lock and home screens. The latter, meanwhile, purports to be an “Optimizer, Junk Cleaner, Speed Booster, App Manager, and Battery Saver” — essentially, it’s supposedly maintenance software. And indeed, it does that, while hiding its further malicious function.

They both have typically positive reviews, “Booster & Cleaner Pro” in particular, boasting a 4.5/5 rating. Of course, many of these are fraudulent reviews The Trouble with Bad iTunes App Store Reviews & How to Avoid Them As more mobile apps fight for recognition and downloads in a world where consumers increasingly expect something for nothing, many are playing dirty when it comes to getting noticed. Read More .


Avast is also reporting that “Call Recorder”, which supposedly does exactly what it says on the tin, is infected with LeakerLocker.

The apps seek permission to a wide range of other features; while you might be sceptical about allowing a wallpaper app access to, say, your social networking accounts, you could understand why the Booster one requires such things, seeing as it apparently aims to save your battery 10 Proven and Tested Tips to Extend Battery Life on Android Suffering from poor battery life on Android? Follow these tips to get more juice out of your Android device's battery. Read More .

Is it as Bad as it Sounds?

Yes, and no.

Anyone who has downloaded those apps will naturally feel victimised. The threat of all your private information being leaked How A "Minor" Data Breach Made Headline News & Ruined Reputations Read More online is bad enough, without considering that it ends up in the hands of your family and friends.


McAfee has tried to reassure users:

“Not all the private data that the malware claims to access is read or leaked. The ransomware can read a victim’s email address, random contacts, Chrome history, some text messages and calls, pick a picture from the camera, and read some device information.”

But that’s not a great comfort. It might not be able to read everything it claims, but it can read some of what it says it can. Certainly, the potential 15,000 victims won’t see much to be relieved about here.

Equally, no exact numbers are known as to whether details really have been leaked, or, indeed, if any have been at all. It’d be churlish to call this an empty threat, but it’s not affected the masses just yet either.

Google is currently investigating the two apps, but who knows whether more are still lurking in the Play store?

Does it Affect Any Other Operating Systems?

Most people won’t be affected by LeakerLocker, even if they’re on Android. Still, a survey in 2015 found that 97% of malware targets that particular Operating System (OS).

Beware LeakerLocker: Ransomware That Locks Your Mobile 8538679708 015bc2fdcb b
Image Credits: Uncalno Tekno via Flickr.

Android is open-source, so developers using the complex C++ programming How to Learn C++ Programming: 6 Sites to Get Started Want to learn C++? Here are the best websites and online courses to C++ for beginners and experience programmers alike. Read More , or Java can insert malicious code. In most cases, you’re only compromised if you use third-party apps How to Sideload Any File onto Your Android Phone or Tablet You may have come across the term "sideloading" before, but what does it mean? And how can you go about sideloading apps or files? Read More , not verified through the official store, but as LeakerLocker proves, malware does slip through.

As for other phones, arguably the two most popular alternatives — Windows Mobile 10 and Apple — vet all apps through their strict respective stores. They use the “sandbox” or “walled garden” approach, which stops apps interacting with each other without permissions from the user.

Except malicious apps seek authorization on Android too.

You have to weigh up which you consider the most secure mobile OS What Is The Most Secure Mobile Operating System? Battling for the title of Most Secure Mobile OS, we have: Android, BlackBerry, Ubuntu, Windows Phone, and iOS. Which operating system is the best at holding its own against online attacks? Read More , decide whether a jailbroken phone is right for you, and then whether individual apps really need access to other features.

If LeackerLocker exists on other OS, it’s not been discovered yet. As ransomware has no reason for hiding itself, potential victims would surely have come forward by now. Still, that doesn’t mean it can’t infect iPhones, for instance, in the future.

How Can You Protect Yourself?

Google is investigating, so you won’t be able to download “Wallpapers Blur HD” or “Booster & Cleaner Pro”, even if you had some bizarre reason for wanting to.

Beware LeakerLocker: Ransomware That Locks Your Mobile 15254388414 e769a93266 k
Image Credits: Eduardo Woo via Flickr.

LeackerLocker might be running in the background of further apps Malware on Android: The 5 Types You Really Need to Know About Malware can affect mobile as well as desktop devices. But don't be afraid: a bit of knowledge and the right precautions can protect you from threats like ransomware and sextortion scams. Read More , however. Forget the myths: you also need security software on your smartphone Do You Need Antivirus Apps on Android? What About iPhone? Does Android need antivirus apps? What about your iPhone? Here's why smartphone security apps are important. Read More . Keeping your OS up-to-date will also patch any holes found.

If you do fall victim, do not pay the ransom. $50 might seem tempting, but it encourages the scammers. Think of it this way: you’re handing money to criminals in order for them to scam more people.

With a distinct lack of reported incidents, it’s questionable whether any personal information will be leaked regardless.

Are you worried about LeakerLocker? Have you been affected already? And what did you do?

Image Credit: robbin lee via

Related topics: Ransomware, Smartphone Security.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *